550 5.1.1 user unknown

I am not sure where to start with this one. But here it goes...
We implemented a new email server this weekend. We can send and receive, everything appears to be in working order. However, we have a web application that sends email updates using SMTP. It can send to external email accounts (e.g. gmail, comcast) fine. But it does not send to Exchange, user@mydomain.com
We get:
Action: failed
Status: 5.1.1
Diagnostic-Code: smtp;550 5.1.1 User unknown

Not sure what is going on. Need some help.

The application pulls emails from the application DB. It worked fine last week with our old email server. The email accounts are the same. No migration of account. Started fresh.


From the web server, go to a command prompt and use telnet to simulate sending email.

Here is the KB article.

If it works from there, but not your app, then there is a configuration issue between the two. If it doesn't work from there, then it is probably a setting on the SMTP server that is not allowing access or something.
bsbarnett (Author) Commented:
We have tried this already with no luck.

So, I finally broke down and started the old Exchange services and what do you know... it is receiving the web app emails. We believe there may be some setting on a router or firewall with our ISP. Is this a good assumption?
We plan to call them tomorrow AM.
Please make sure SMTP authentication is enabled, or you will need to use the SMTP authentication scripts to send out the mails.

When you said you tried it with no luck, which didn't work? If you are able to telnet to the server, then it is a configuration issue. If you cannot telnet to the server, it is a network/protocol issue.
bsbarnett (Author) Commented:
We are able to telnet. We send a message and it returns to the application server.
What configuration issue are you referring to? Exchange?
What credentials are you using with the web application?  Did you do your telnet test from a command prompt or telnet session from the actual web server itself?  When you did the test, did you use the same authentication method?  Can you do a packet capture of the email attempt?  Try this to see what is being sent back and forth on the session.
bsbarnett (Author) Commented:
Sorry... been out of the office for a week.
Here's where I am at... I get an "unable to relay" when logged into the app server and do a telnet session.
telnet appserv.domain.com 25
ehlo domain.com
mail from: <appserv@domain.com> sender OK
rcpt to:<exc_account@domain.com> 550 5.7.1 Unable to relay.

I have set a receive connector for the app server ip addresses.
I have looked at the app server, SMTP settings:
e-mail use appserv@domain.com,
deliver email to SMTP server is set to localhost and localhost is checked
port: 25
Authentication settings: not required.

Once again...email flows in and out normally besides the app server. The app server can deliver to internet email accounts. The app server has a public ip address, no private ip.

Hope this helps someone that can help me.
Go into Exchange Management Console ->On-Premises->Server Configuration->Hub Transport.

Look at the receive connectors at the bottom,
Allow Relay from the Following Internal Addresses should be Enabled.
Check the properties on it and be sure you have the App Servers IP address in the Receive Email From Remote Servers that have these IP Addresses.

bsbarnett (Author) Commented:
I will check this out tomorrow morning once in the office. Will let you know as soon as I do.
bsbarnett (Author) Commented:
I have checked these settings. 1. The connector is enabled. 2. I have 5 public IP addresses (that are associated with the app serv) in the receive mail from remote server. 3. Authentication is set to Externally secured. 4. Permissions is set to Anonymous and Exchange server.

These settings have been there since Monday. Still not receiving app server email to internal accounts.
The best way to test is going to be telnet from the remote machine to the smtp server on port 25.  If that doesn't work, nothing else will.

Take a look at this article.  It looks like it has your specific type of situation detailed and a solution.
bsbarnett (Author) Commented:
Making progress.... after looking at the article it appeared that I had missed the shell cmd.
       Get-ReceiveConnector "CRM Application" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

I ran this for my connector. Now when I do:

telnet appserv.domain.com 25
ehlo domain.com
mail from: <appserv@domain.com> sender OK
rcpt to:<exc_account@domain.com>
The message is queued for delivery.
However, I never receive it.

Anything else I need to try?
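
Added example, not part of the original thread and not taken from the linked article: a read-only audit for the Exchange Management Shell that lists every Receive connector where anonymous senders hold the ms-Exch-SMTP-Accept-Any-Recipient right granted above, and flags any such connector whose remote IP ranges are left at "any host". The variable names and output column names are chosen here for illustration.

```powershell
# Added audit sketch for the Exchange Management Shell; read-only, changes nothing.
$right   = 'ms-Exch-SMTP-Accept-Any-Recipient'
$anon    = 'NT AUTHORITY\ANONYMOUS LOGON'
# Ranges that mean "any remote host" (the defaults on a new Receive connector).
$anyHost = @('0.0.0.0-255.255.255.255',
             '::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff')

Get-ReceiveConnector | ForEach-Object {
    $connector = $_

    # Explicit (non-inherited) allow entries for anonymous on this connector.
    $grants = Get-ADPermission -Identity $connector.DistinguishedName -User $anon |
        Where-Object {
            -not $_.Deny -and -not $_.IsInherited -and
            (($_.ExtendedRights | ForEach-Object { "$_" }) -contains $right)
        }
    if (-not $grants) { return }   # connector does not relay for anonymous senders

    $ranges = @($connector.RemoteIPRanges | ForEach-Object { "$_" })
    [pscustomobject]@{
        Connector        = $connector.Identity
        Enabled          = $connector.Enabled
        Bindings         = ($connector.Bindings -join ', ')
        RemoteIPRanges   = ($ranges -join ', ')
        AuthMechanism    = $connector.AuthMechanism
        PermissionGroups = $connector.PermissionGroups
        # True means any host that can reach the port can relay through it.
        AnyRemoteHost    = [bool]($ranges | Where-Object { $anyHost -contains $_ })
    }
} | Sort-Object AnyRemoteHost -Descending | Format-List
```

A connector reported with AnyRemoteHost set to True accepts relay from anything that can reach its SMTP port; a connector restricted to the app server's addresses, as described in this thread, should report False.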
It sounds like it is down to permissions within the Hub Transport.  The message should be visible in a queue, and if you put a valid email address as the sender, you should get a bounce back notification.

Check this article for some specific information.
bsbarnett (Author) Commented:
I can tell you that the messages I sent this morning are still in the app server SMTP queue. I haven't gotten a bounce back yet.

Just curious- Does the app server have to be setup to relay to the exchange?
What SMTP server is the app server using? I thought your app on the app server was submitting the email directly to the SMTP server on the exchange server.
bsbarnett (Author) Commented:
Sorry for the misunderstanding, the app server has always been separate from the Exchange.
To my understanding, it is using its own SMTP service on the app server to deliver email. This is what the programmer wanted to use.
The stuff so far needed fixed regardless. Make sure the DNS on the app machine is using the correct MX records for the recipient domain.
bsbarnett (Author) Commented:
Sure thing. Will check on this tomorrow morning.
bsbarnett (Author) Commented:
I checked DNS Manager; there's an MX record for our Exchange server.
We use DNS Made Easy for DNS. Everything is good there.
From app server: I did nslookup, set q=mx, domain.com; this returned the correct MX.

Is there a place in the app server IIS to check?

It's frustrating to me.... The app server emails reach external domains fine, the exchange is receiving and sending external email fine.

I thank you for your help and patience.
bsbarnett (Author) Commented:
We modified the hosts file on the app server. Entered the Exchange server IP and email started being delivered.